Difference between revisions of "Umask"

From ArchWiki
Jump to: navigation, search
(root's umask==regular user's umask; example for root removed)
(reword, don't explain how to edit a text file, see also Help:Style; defaults are explained in the first section)
Line 5: Line 5:
  
 
==Setting the umask==
 
==Setting the umask==
You can setup the umask value in {{ic|/etc/bashrc}} or {{ic|/etc/profile}} for all users. By default, most Linux distros set it to {{ic|0022}} ({{ic|022}}) or {{ic|0002}} ({{ic|002}}).
+
You can set the umask value through the ''umask'' command. Most Linux distributions set a default value of {{ic|0022}} ({{ic|022}}, including Arch [https://projects.archlinux.org/svntogit/packages.git/tree/trunk/profile?h=packages/filesystem]) or {{ic|0002}} ({{ic|002}}) in {{ic|/etc/profile}} or in the default [[Command Shell|shell]] configuration files, e.g. {{ic|/etc/bashrc}}.
  
Open {{ic|/etc/profile}} (global setting)
+
If you need to set a different value, you can either directly edit such file, thus affecting all users, or call ''umask'' from your shell's user configuration file, e.g. {{ic|~/.bashrc}}. Any changes will only take effect after the next login.
# vi /etc/profile
+
or {{ic|~/.bashrc}} (per-user setting)
+
$ vi ~/.bashrc
+
 
+
Append/modify the following line to setup a new umask:
+
umask 022
+
Save and close the file. Changes will take effect after next login.
+
  
 
==Meaning of the umask value==
 
==Meaning of the umask value==
Line 20: Line 13:
 
The base permissions for directories are {{ic|0777}} ({{ic|rwxrwxrwx}}) and for files they are {{ic|0666}} ({{ic|rw-rw-rw}}).
 
The base permissions for directories are {{ic|0777}} ({{ic|rwxrwxrwx}}) and for files they are {{ic|0666}} ({{ic|rw-rw-rw}}).
  
The default umask for regular users is {{ic|0022}}. That means the write bit for the group ({{ic|2}} in the 3rd place) and all other users ({{ic|2}} in the 4th place) are cleared. This mask results in default permissions of {{ic|755}} for directories and {{ic|644}} for files.
+
Setting a umask value of {{ic|022}} means that the write bit for the group ({{ic|2}} in the second place) and all other users ({{ic|2}} in the third place) are cleared. This mask results in default permissions of {{ic|755}} for directories and {{ic|644}} for files.
  
 
To calculate directory permissions for a umask value of {{ic|022}} (regular user):
 
To calculate directory permissions for a umask value of {{ic|022}} (regular user):

Revision as of 04:55, 12 February 2014

The user file-creation mode mask (umask) is used to determine the file permission for newly created files. It can be used to control the default file permission for new files. It is a four-digit octal number.

Setting the umask

You can set the umask value through the umask command. Most Linux distributions set a default value of 0022 (022, including Arch [1]) or 0002 (002) in /etc/profile or in the default shell configuration files, e.g. /etc/bashrc.

If you need to set a different value, you can either directly edit such file, thus affecting all users, or call umask from your shell's user configuration file, e.g. ~/.bashrc. Any changes will only take effect after the next login.

Meaning of the umask value

The base permissions for directories are 0777 (rwxrwxrwx) and for files they are 0666 (rw-rw-rw).

Setting a umask value of 022 means that the write bit for the group (2 in the second place) and all other users (2 in the third place) are cleared. This mask results in default permissions of 755 for directories and 644 for files.

To calculate directory permissions for a umask value of 022 (regular user):

Base permission:      777
Subtract umask value: 022 (-)
Directory permission: 755

To calculate file permissions for a umask value of 022 (regular user):

Base permission:      666
Subtract umask value: 022 (-)
File permission:      644

The following example explains the steps needed to set a umask value that will result in permission values 700 for directories and 600 for user files. The idea very simply is that only the user will be allowed to read or write the file, or to access the contents of the directory.

Base permission:       777 / 666
Subtract umask value:  077 / 077 (-)
Resulting permissions: 700 / 600
$ umask 077
$ touch file.txt
$ mkdir directory
$ ls -ld file.txt directory

Output:

drwx------ 2 vivek vivek 4096 2007-02-01 02:21 directory
-rw------- 1 vivek vivek    0 2007-02-01 02:21 file.txt
Sample umask values and permissions
umask value 	User 	Group 	Others
0000 		all 	all 	all
0007 		all 	all 	none
0027 		all 	read 	none

For more information, see man bash and man umask.

See Also

http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html (the source of this article)